The Republican Party of Iowa exposed the voter data of two million people in what appears to be a really dumb accident, according to the Wall Street Journal.

These records can be purchased from the Iowa Secretary of State. Sales are restricted to customers using the records for political research. A security failure left records available for anyone to discover. An Iowa caucus attendee found it and alerted the WSJ, which then informed the Iowa GOP:

The database, which was removed from IowaGOP.org after an inquiry by The Wall Street Journal, included information on Republicans, Democrats and independents that are registered to vote in the state. The records include birth dates, addresses and party affiliations.

The voting records don’t say who a person voted for, just whether or not they voted. It includes presidential primary and general election records, as well as state, local and school board elections dating back decades.

Advertisement

This isn’t the first time voter data has been exposed online this election cycle. In December, a security researcher discovered what appear to be 191 million voting records exposed online.

This stuff is collected from public records, so it’s not like the data was top secret—if you had around $1,800 and a convincing excuse about doing political research, you could’ve purchased them. This is, however, yet another example of how poorly organizations handle data they mean to keep secret.